Threat Intelligence Blog

Cyveillance Weekly Trends Report – December 30, 2014

Posted December 30, 2014

Welcome to the Cyveillance Weekly Trends Report

Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.

Top Incidents

Insurance/Healthcare

The five biggest 2014 health data breaches listed on the federal tally so far demonstrate that security incidents are stemming from a variety of causes, from hacker attacks to missteps by business associates. The top breaches offer important lessons that go beyond the usual message about the importance of encrypting laptops and other computing devices to prevent breaches involving lost or stolen devices, still the most common cause of incidents. They also highlight the need to bolster protection of networks and to carefully monitor the security practices of business associates.

Global Intelligence

The German Chaos Computer Club, Europe’s largest hacker association, organized its 31st convention, 31C3, for December 27-28, with 120 presentations and dozens of workshops under the title “A New Dawn.” Organizers hoped for 10,000 attendees. Presentations included those related to hacks of biometric security features, vulnerabilities in the SS7 mobile phone protocol and in chip-based payment cards, and Internet surveillance programs. Additionally, a list of possible targets of NATO operation ISAF in Afghanistan was published during the convention in collaboration with German news magazine Der Spiegel.

Legal and Regulations

On December 22, the Federal Trade Commission announced that it notified China-based BabyBus (Fujian) Network Technology Co., Ltd., (“BabyBus”) that several of the company’s mobile applications appear to be in violation of the Children’s Online Privacy Protection Rule (the “COPPA Rule”). In a letter dated December 17, the FTC warned BabyBus of potential COPPA violations stemming from allegations that the company has failed to obtain verifiable parental consent prior to its apps collecting and disclosing the precise geolocation information of users under the age of 13.

Cyber Intelligence

Researchers with EMC’s RSA Security Division have pulled back the covers from the Backoff malware in a new report. The Backoff malware made a big splash in the world of cybercrime in 2014, emerging as one of the most notorious pieces of point-of-sale malware in the wild. In August, the U.S. Secret Service linked it to compromises at 1,000 U.S. businesses. It was also linked to attacks on Dairy Queen and the United Parcel Service (UPS). The report offers details of the malware’s command and control infrastructure and how it operates. But perhaps more notably, it offers some indication the attacker or attackers controlling the malware may be in India.

Technology

Facebook, Twitter, and Google are resisting Russian government orders to remove information about a rally next month in support of opposition leader Alexei Navalny, raising the prospect of a showdown over the Kremlin’s efforts to control online information. In response to a request from Russian prosecutors, Roskomnadzor, the country’s communications regulator, began issuing block orders for Russia just hours after the Moscow rally was publicized on social media late last week, officials said. Facebook honored the initial order last weekend and blocked a page promoting the event, but others were quickly created, attracting more attention.

Cyveillance clients get access to the entire Weekly Trends Report, covering all of the above topics and much more. Contact us to find out how we can help your organization.